CVSS: 10.0EPSS: 7%CPEs: 3EXPL: 1CVE-2004-0631
https://notcve.org/view.php?id=CVE-2004-0631
Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command. Desbordamiento de búfer en la característica uudecoding de Adobe Acrobat Reader 5.0.5 y 5.0.6 de Unix y Linux, u posiblemente otras versiones incluyendo aquellas anteriores a 5.0.9, permite a atacantes remotos ejecutar código de su elección mediane un nombre de fichero largo para el PDF que es suministrado a al orden uudecode. • http://security.gentoo.org/glsa/glsa-200408-14.xml http://www.adobe.com/support/techdocs/322914.html http://www.idefense.com/application/poi/display?id=125&type=vulnerabilities http://www.redhat.com/support/errata/RHSA-2004-432.html http://www.securityfocus.com/bid/10932 https://exchange.xforce.ibmcloud.com/vulnerabilities/16972 https://access.redhat.com/security/cve/CVE-2004-0631 https://bugzilla.redhat.com/show_bug.cgi?id=1617242 •
CVSS: 10.0EPSS: 13%CPEs: 3EXPL: 0CVE-2004-0630
https://notcve.org/view.php?id=CVE-2004-0630
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command. La caractérística uudecoding en Adobe Acrobat Reader 5.0.5 a 5.0.6 para Unix y Linux, y posiblemente otras versiones incluyendo aquellas anteriores a 5.0.9, permite a atacantes remotos ejecutar código arbitrario mediante metacaractéres de shell ("`" o comilla invertida) en el nombre del fichero que es suministrado a la orden uudecode. • http://security.gentoo.org/glsa/glsa-200408-14.xml http://www.adobe.com/support/techdocs/322914.html http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities http://www.redhat.com/support/errata/RHSA-2004-432.html http://www.securityfocus.com/bid/10931 https://exchange.xforce.ibmcloud.com/vulnerabilities/16973 https://access.redhat.com/security/cve/CVE-2004-0630 https://bugzilla.redhat.com/show_bug.cgi?id=1617241 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2003-0508 – Adobe Unix Acrobat Reader 4.0/5.0 - WWWLaunchNetscape Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0508
Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link. Desbordamiento de búfer en la función WWWLaunchNetscape de Adobe Acrobat Reader 5.0.7 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante un fichero .pdf con un enlace largo. • https://www.exploit-db.com/exploits/22846 http://marc.info/?l=bugtraq&m=105709569312583&w=2 http://marc.info/?l=bugtraq&m=105785749721291&w=2 •
CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 0CVE-2002-0030
https://notcve.org/view.php?id=CVE-2002-0030
The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe. El mecanismo de firma digital del visor de PDF Adobe Acrobat Reader sólo verifica la cabecera PE del código ejecutable de un plug-in, lo que puede permitir a atacantes ejecutar código arbitrario en modo certificado haciendo que parezca que el plug-in parezca firmado por Adobe. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0148.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004230.html http://www.kb.cert.org/vuls/id/549913 http://www.kb.cert.org/vuls/id/JSHA-5EZQGZ •